264 matches found
CVE-2016-6420
Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467...
CVE-2016-6420
Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467...
Authorization
Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467...
CVE-2016-6420
CVE-2016-6420 affects Cisco FireSIGHT System Software used by Firepower Management Center (FMC) versions 4.10.3–5.4.0. The vulnerability is due to improper authorization checks in the FMC web framework, allowing remote authenticated users to bypass authorization and gain elevated privileges via a...
CVE-2016-6420
Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467...
Cisco Firepower Management Center and FireSIGHT System Cross-Site Request Forgery Vulnerability
Cisco Firepower Management Center and FireSIGHT System Software are both management center software from Cisco USA. A cross-site request forgery vulnerability exists in Cisco Firepower Management Center and FireSIGHT System Software. A remote attacker could exploit this vulnerability to perform...
Cisco FireSIGHT System Software Privilege Escalation Vulnerability
A vulnerability in the web framework of the Cisco Firepower Management Center running on Cisco FireSIGHT System Software could allow authenticated, remote attackers to elevate privileges to access data outside their roles. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be...
Cisco FireSIGHT System Software Cross-Site Request Forgery Vulnerability
A cross-site request forgery CSRF vulnerability for Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to execute unwanted actions. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...
Cisco Firepower Management Center and FireSIGHT System Software Cross-Site Request Forgery Vulnerability
A cross-site request forgery CSRF vulnerability for Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of CSRF protections by an affected device. An attacker could...
CVE-2016-6411
Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585...
CVE-2016-6411
Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585...
Design/Logic Flaw
Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585...
CVE-2016-6411
Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585...
CVE-2016-6411
Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 are affected by CVE-2016-6411, where the system mishandles comparisons between URLs and X.509 certificates, due to lack of verification of HTTP URL input against the SSL certificate. This allows an unauthenticated, remote attac...
Cisco Firepower Management Center and FireSIGHT System Software Security Bypass Vulnerability (CNVD-2016-08193)
Cisco Firepower Management Center and FireSIGHT System Software are management center software from Cisco USA. A security vulnerability exists in Cisco Firepower Management Center and Cisco FireSIGHT System that allows an attacker to bypass configured SSL inspection rules with a specially crafted...
Cisco FireSIGHT System Software SSLIinspection Bypass Vulnerability
A vulnerability in SSL inspection for Cisco FireSIGHT System software could allow an unauthenticated, remote attacker to bypass configured do-not-decrypt rules in the SSL policy rule set. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources...
Cisco Firepower Management Center and FireSIGHT System Software SSLIinspection Bypass Vulnerability
A vulnerability in SSL inspection for Cisco Firepower Management Center and Cisco FireSIGHT System software could allow an unauthenticated, remote attacker to bypass configured do-not-decrypt rules in the SSL policy rule set. The vulnerability is due to lack of verification of the user input...
CVE-2016-6396
Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482...
CVE-2016-6395
Cross-site scripting XSS vulnerability in the web-based management interface in Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz58658...
CVE-2016-6394
Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503...